Sign up to our newsletter
The latest security news direct to your inbox
When we think Advance Fee Fraud (AFF) we usually think in terms of the 419-type scams often associated with Nigeria, though similar frauds actually come from all over.
You know the sort of thing: the banker, or the wife or son or daughter of a defunct dictator or benevolently inclined millionaire plane-crash victim wants to share their fortune with you in return for your help in relocating them and their money, or you;'ve won millions in a lottery, and so on. (There are some pretty creative minds working on some of these, so don't assume that I've covered more than a fraction of the possibilities here.) The common denominator, however, is that you'll always be required at some point to pay money in some form (a bribe, a tax, a registration fee and so on) before the (imaginary) benefit can be transferred to you.
There are other types of AFF scam, though, many executed by snailmail rather than email, and more carefully targeted at the elderly and other vulnerable groups. I'm not sure how widespread the problem is globally (though as many of the offenders are on the Continent, I assume it's widespread in Europe, not just the UK, but I've been aware of the issue for a good while (after all, I have friends and relatives who are even more elderly than me). However, I haven't addressed it much publicly as it's not generally thought of as a (directly) on-line issue.
Recently, though, John Walker of the BCS Information Security Specialist Group drew my attention to the "Think Jessica" web site at http://www.thinkjessica.com/, which is supported by (among others) the UK's Serious Organized Crime Agency (SOCA) and is doing very significant work in this area. Apart from the obvious scams (competitions, inheritance scams, the sort of thing we also see as 419s), it also points to types of scam that are more snailmail oriented (clairvoyant scams, catalogue scams, "free" samples, debt recovery fraud).
I suppose I'm somewhat hardened to the human capacity for preying on the weak and vulnerable, or for profiting from tragedy (like 9/11 scams and tsunami scams), having worked in security and cybercrime management for so many years, What makes my blood boil even more is the absence of political and judicial will to deal with this particularly ugly manifestation.
I think I feel a crusade coming on.
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch (or @ESETblog)
ESET White Papers Page: http://www.eset.com/download/whitepapers.php
Securing Our eCity community initiative: http://www.securingourecity.org/
Author David Harley, ESET